Appl. No. 09/579,079 

Amdt. dated August 23, 2004 

Reply to Office Action of May 21, 2004 

Amendments to the Claims: 

This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

Listing of Claims: 

1 . (CURRENTLY AMENDED) In a computer system, a method for securing 
access to data, comprising: 

generating a first message at a first computer system, said first message 
comprising information corresponding to data, and transmitting said first message to a 
second computer system; 

receiving said first message at said second computer system, and generating a key 
pair comprising an encode key and a decode key for encoding and decoding of said data; 

generating a second message comprising said encode key, and transmitting said 
second message to said first computer system; [[and]] 

receiving said second message at said first computer system, wherein said encode 
key in said second message is used to encode said dataj[[.]] 

providing access to said encoded data by: 

generating a third message at said first computer system, said third 

message comprising information identifying said encoded data, said user 

information, and a digital signature; 



81045.943 Page 2 of 15 

Copied from 09553971 on 01/18/2005 



Appl. No. 09/579,079 

Amdt. dated August 23, 2004 

Reply to Office Action of May 21, 2004 



transmitting said third message to said second computer system; 

receiving said third message at said second computer system; 

using said information in said third message to retrieve a record 
corresponding to said encoded data, said record comprising said decode key for 
decoding said encoded data; 

verifying a stored digital signature in said corresponding record with said 
digital signature in said third message; 

upon successful verification, generating a data retrieval time stamp and 
storing said data retrieval time stamp; 

generating a fourth message comprising said decode key, and transmitting 
said fourth message to said first computer system; and 

receiving said fourth message at said first computer system, wherein said 
decode key in said fourth message is utilized to decode said encoded data. 

2. (PREVIOUSLY PRESENTED) The method of claim 1 further 
comprising: 

storing said key pair and said information in said first message in a database 

record. 

3. (CANCELED) 
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4. (PREVIOUSLY PRESENTED) The method of claim 1 wherein said first 
computer system comprises at least one client computer system and said second computer 
system comprises at least one server computer system. 

5. (PREVIOUSLY PRESENTED) The method of claim 1 wherein said 
generating said first message further comprises: 

generating a one way hash function associated with said data; and 

placing said one way hash function, information identifying said data, and user 

information associated with a user of said data at said first computer system in said first 

message. 

6. (CURRENTLY AMENDED) The method of claim 5 further comprising: 
obtaining after receiving said first message at said second computer^;]] 

generating a time stamp and a first digital signature representing [[,]] said 
digital time stamp[[,]] and said one way hash function in said first message; and 

storing said user information, said information identifying said data, said 
one way hash function, said one way time stamp and said first digital signature. 

7. (CURRENTLY AMENDED) The method of claim 6 wherein said second 
message further comprises: 

said time stamp, said information identifying said data, and said first digital 
signature in said second message . 
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8-14. (CANCELED) 

15. (CURRENTLY AMENDED) The method of claimj. [[14]] further 
comprising: 

upon unsuccessful verification, generating an attempted data retrieval time stamp 
and storing said attempted data retrieval time stamp. 

16-22. (CANCELED) 

23. (CURRENTLY AMENDED) In a computer system, a method for providing 
secure real time storage and retrieval of file data comprising: 

obtaining a secure save command from a user operating a screen element of a first 
computer system; 

executing said secure save command to securely save file data at said first 
computer system, said executing comprising: 

generating a first message at said first computer system, said first message 
comprising information corresponding to said file data, and transmitting said first 
message to a second computer system; 

receiving said first message at said second computer system and generating a key 
pair comprising an encode key and a decode key for encoding and decoding of said file 
data; 
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generating a second message comprising said encode key and transmitting said 
second message to said first computer system; and 

receiving said second message at said first computer system, wherein said encode 
key in said second message is used to encode said file data;[[.]] 

wherein said secure save command is performed by a component of a graphical 
user interface presenting command buttons on a user tool bar on said first computer 
system. 

24. (CANCELED) 

25 . (PREVIOUSLY PRESENTED) The method of claim 23 wherein 
registration functions are performed on said second computer system while said first 
computer system and said second computer systems maintain a secure link to each other. 

26. (PREVIOUSLY PRESENTED) The method of claim 25 wherein 
authentication functions are performed on said second computer system while said first 
computer system and said second computer systems maintain a secure link to each other. 

27. (PREVIOUSLY PRESENTED) The method of claim 25 wherein said 
secure link utilizes cryptographic protocols. 
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28. (PREVIOUSLY PRESENTED) A method of providing secure real time 
storage and retrieval of data comprising: 

maintaining a secure link between a first computer system and a second computer 
system while performing registration functions on said second computer; 

maintaining said secure link between said first computer system and said second 
computer system while performing authentication functions on said second computer 
system, wherein said authentication comprises obtaining an identity for said first 
computer system; 

obtaining a secure save command from a user, wherein said secure save command 
is embedded into a graphical user interface of said first computer system and said user of 
said secure save command of said graphical user interface initiates a process comprising 
the steps of: 

generating a first message at said first computer system, said first message 
comprising information corresponding to said file data and said identity, and 
transmitting said first message to said second computer system; 

receiving said first message at said second computer system and 
generating an encode key for encoding said file data and generating a decode key 
for decoding said file data; 

generating a second message comprising said encode key, and transmitting 
said second message to said first computer system; 

receiving said second message at said first computer system, wherein said 
encode key in said second message is utilized to encode said file data, 
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accessing encoded file data by generating a third message at said first 
computer system, said third message comprising information corresponding to 
said encoded file data, and transmitting said third message to said second 
computer system; 

receiving said third message at said second computer system, and using 
said information in said third message to retrieve a record corresponding to said 
encoded data, said record comprising said decode key for decoding said encoded 
data; 

generating a fourth message comprising said decode key and said 
information corresponding to said encoded file data, and transmitting said fourth 
message to said first computer system; 

receiving said fourth message at said first computer system, and using said 
decode key in said fourth message to decode said encoded file data. 

29. (PREVIOUSLY PRESENTED) The method of claim 28, wherein said 

step of generating said first message further comprises: 

generating a one way hash function of said file data; and 

placing said hash function, information identifying said file data, and user 

information for a user of said file data at said first computer system in said first message. 
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30. (PREVIOUSLY PRESENTED) The method of claim 29, further 
comprising: 

obtaining said first message at said second computer; 

generating a time stamp, and a digital signature representing said digital time 
stamp, and said hash function in said first message; and 

storing said user information, said information identifying said data, said hash 
function, said time stamp and said digital signature in a database record. 

3 1 . (PREVIOUSLY PRESENTED) The method of claim 30 wherein said 
second message further comprises: 

said time stamp, said information identifying said file data, and said digital 
signature in said second message. 

32. (PREVIOUSLY PRESENTED) The method of claim 28 wherein said 
encoded file data may be stored at a third computer system. 

33. (PREVIOUSLY PRESENTED) A method for providing secure storage of 
data, comprising: 

transmitting a secure save request from a client to a server, said secure save 
request comprising a file name associated with a data file, an identification value 
associated with said client, and a one-way hash function of said data file; 

generating a storage timestamp at said server; 
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generating a digital signature at said server based on said storage timestamp and 
said one-way hash function; 

generating, at said server, a first encryption key for encoding and a second 
encryption key for decoding; 

storing said file name, said identification value, said storage timestamp, said 
digital signature and said second encryption key in a database record; 

transmitting a secure save response from said server to said client, said secure 
save response comprising said file name, said digital signature, and said first encryption 
key; 

using said first encryption key and said data file to obtain encrypted data at said 
client; and 

storing said encrypted data and said digital signature in association with said file 

name. 

34. (PREVIOUSLY PRESENTED) The method of claim 33, further 
comprising: 

transmitting a secure retrieve request from said client to said server, said secure 
retrieve request comprising said file name, said identification value and said digital 
signature; 

said server comparing said file name, said identification value and said digital 
signature from said secure retrieval request with said file name, said identification value 
and said digital signature from said database record; 
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when said comparing is a match, 

generating a retrieval success timestamp and storing said retrieval success 
timestamp in said database record; 

transmitting a secure retrieval response from said server to said client, said 
secure retrieval response comprising said file name and said second encryption 
key; and 

said client using said second encryption key to decode said encrypted data. 

35. (PREVIOUSLY PRESENTED) The method of claim 34, further 
comprising, when said comparing is not a match: 

generating a retrieval attempt timestamp; and 

storing said retrieval attempt timestamp in said database record. 

36. (PREVIOUSLY PRESENTED) The method of claim 34, further 
comprising: 

said client auditing said database record to obtain an access history comprising 
said storage timestamp and said retrieval success timestamp. 

37. (PREVIOUSLY PRESENTED) The method of claim 33, further 
comprising: 

transmitting a second secure save request from said client to said server, said 
second secure save request comprising said file name; 
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said server generating a third encryption key for encoding and a fourth encryption 
key for decoding, wherein said third encryption key and said fourth encryption key differ 
from said first encryption key and said second encryption key, respectively. 
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